►
From YouTube: Container Scanning remediations bug
Description
In this video, I'm trying to reproduce the bug: https://gitlab.com/gitlab-org/gitlab/-/issues/296219 where the remediations created have fixes grouped for multiple vulnerabilities, whereas the bug states that the fixes are not grouped.
A
A
So
I
have
a
branch
in
here
which
is
using
the
latest
container
scanning
image,
and
it
also
has
the
grid
strategy
sfh,
which
would
make
sure
that
we
have
the
remediation
supplied
so
I'll
take
a
look
into
the
latest
pipeline.
As
you
can
see,
we
have
bunch
of
vulnerabilities,
reported
I'm
going
to
do
the
the
json.
A
File
so
I'll
search
for
the
mediations
so
I'll
take
this
instance,
for
example,
as
you
can
see,
the
fixes
object
in
here
has
multiple
one
libraries.
This
is
against
what
is
that
it's
mentioned
in
the
issue?
It
says
that
for
a
single
fix
or
finger
single
change,
diff,
we
have
different
two
different
fixes
object,
which
is
not
the
case
here.
A
So
let's
take
this
modeling
liberty
as
an
example
and
I'll
search
through
in
the
security
tab.
A
I'll
filter
it
for
high,
so,
as
you
can
see,
we
have
one-
and
this
also
so
shows
the
solution,
and
we
could
also
resolve
this
with
an
mr
here.
We
have
another
cv
here.